The Cybersecurity and Infrastructure Security Agency and the National Security Agency on Thursday unveiled a best-practices guide to help organizations address security issues with their on-premises Microsoft Exchange Servers.
The agencies said they remain concerned about companies using misconfigured or unprotected versions of Exchange Server, particularly in situations where the server has reached end-of-life status.
Many organizations depend on Microsoft Exchange for critical tasks, Nick Andersen, executive assistant director of CISA’s Cybersecurity Division, told reporters during a conference call Thursday.
The best-practices guide comes two months after CISA and Microsoft warned of a high-severity vulnerability in Exchange Server that could allow an attacker with administrative privileges to pivot from an on-premises version of the server to a cloud version and gain control of a system.
CISA said the newly issued best-practices guide builds on the agency’s emergency directive related to the vulnerability. The scope of the threat activity associated with the vulnerability remains unclear, as does the extent of impacted organizations’ mitigation actions.
Key international partner agencies from countries including Australia and Canada contributed to the guide.




